summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-09-19zebra: process information about new addresses (BZ#486)Christian Franke
Because of a change of semantics in the Linux kernel, information about changes made by zebra itself was not considered for updates. This change should fix this by accounting for the new semantics. It is based on a patch by lich posted to the bugzilla #486 Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-08-06ospfd: protect vs. VU#229804 (malformed Router-LSA)David Lamparter
VU#229804 reports that, by injecting Router LSAs with the Advertising Router ID different from the Link State ID, OSPF implementations can be tricked into retaining and using invalid information. Quagga is not vulnerable to this because it looks up Router LSAs by (Router-ID, LS-ID) pair. The relevant code is in ospf_lsa.c l.3140. Note the double "id" parameter at the end. Still, we can provide an improvement here by discarding such malformed LSAs and providing a warning to the administrator. While we cannot prevent such malformed LSAs from entering the OSPF domain, we can certainly try to limit their distribution. cf. http://www.kb.cert.org/vuls/id/229804 for the vulnerability report. This issue is a specification issue in the OSPF protocol that was discovered by Dr. Gabi Nakibly. Reported-by: CERT Coordination Center <cert@cert.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-08-06bgpd, zebra: support NEXTHOP_IPV4_IFINDEX in bgp import checkChristian Franke
Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-08-06bgpd, zebra: Support NEXTHOP_IPV4_IFINDEX in nexthop_lookup apiChristian Franke
Since commit ba281d3d040, ospfd uses NEXTHOP_IPV4_IFINDEX routes. The API between zebra and bgpd which is used to query nexthops for recursive routes did not support this nexthop type and therefore, ospf changes (or any other IGP changes which use NEXTHOP_IPV4_IFINDEX) would never trigger any recursive route update. Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-08-06zebra: improve display of NEXTHOP_IPV4_IFINDEX in show ip routeChristian Franke
Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-07-31bgpd: honor PEER_FLAG_DISABLE_CONNECTED_CHECK on bgp_scanChristian Franke
When neighbor disable-connected-check was used, bgpd would accept routes with unconnected nexthop as indended, however those routes would be invalidated on the next bgp_scan run as that function did not know about disable-connected-check. Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-07-31isisd, ospf6d: use bug-report information from autoconfChristian Franke
Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-07-31zebra: don't printf to stdout on ZEBRA_IPV6_NEXTHOP_LOOKUPChristian Franke
Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-07-31vtysh: don't append superflous spaces (BZ#750)Christian Franke
rl_completion_append_character is reset to space every time the completion function is entered. So we would have to set it to '\0' every time new_completion() is called. We can make this conditional and avoid using rl_pending_input. This code path is most relevant when there are multiple completion matches with the same prefix, e.g. in router bgp context: "neighbor 1.2.3.4 pa"<ssive|ssword> would have been completed to "neighbor 1.2.3.4 pass " instead of "neighbor 1.2.3.4 pass". Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-07-31bgpd: write NOTIFY non-blockinglyDavid Lamparter
switching the socket to blocking may well block the entire bgpd process for some time if our peer is overloaded (which may well be the original reason for the NOTIFY) The error handling is slightly different from the previous ML discussion on this; buffer exhaustion isn't technically a fatal TCP error, and we should probably proceed with FSM actions according to a sent NOTIFY (adjusting timers) even if we didn't manage to get the NOTIFY onto the wire. Acked-by: Leonid Rosenboim <lrosenbo@wrs.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-07-30bgpd: prevent double address delete on shutdownRakesh Garimella
bgp_interface_down() and bgp_exit() both proceed to delete the address from bgpd's interface representation, so the second call gets a NULL result from the hash lookup and subsequently crashes. Signed-off-by: Rakesh Garimella <rakesh.garimella@sophos.com> [reformatted] Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-07-30bgpd: stricter packet handling in OpenSentLeonid Rosenboim
Keepalives and updates are not expected in OpenSent, prior to receiving the peer's open message. Terminate the session with the proper notification. From: Leonid Rosenboim <lrosenbo@wrs.com> [split off FSM changes, some reordering & cleanup. read handling needs to be separately addressed] Signed-off-by: David Lamparter <equinox@diac24.net>
2013-07-30lib: unconditionally include stddef.hDavid Lamparter
I've used offsetof() in the previous commit to paper over the security problems in ospf_api.c. This blows the build on FreeBSD 7.0, missing offsetof(). Let's add that to zebra's generally used includes. stddef.h (and offsetof) is defined in C89 section 4.1.5 (and not deprecated/removed by any later standard). If this causes problems, the bug report should go against the host OS/compiler... Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-07-28ospfd: CVE-2013-2236, stack overrun in apiserverDavid Lamparter
the OSPF API-server (exporting the LSDB and allowing announcement of Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads to an exploitable stack overflow. For this condition to occur, the following two conditions must be true: - Quagga is configured with --enable-opaque-lsa - ospfd is started with the "-a" command line option If either of these does not hold, the relevant code is not executed and the issue does not get triggered. Since the issue occurs on receiving large LSAs (larger than 1488 bytes), it is possible for this to happen during normal operation of a network. In particular, if there is an OSPF router with a large number of interfaces, the Router-LSA of that router may exceed 1488 bytes and trigger this, leading to an ospfd crash. For an attacker to exploit this, s/he must be able to inject valid LSAs into the OSPF domain. Any best-practice protection measure (using crypto authentication, restricting OSPF to internal interfaces, packet filtering protocol 89, etc.) will prevent exploitation. On top of that, remote (not on an OSPF-speaking network segment) attackers will have difficulties bringing up the adjacency needed to inject a LSA. This patch only performs minimal changes to remove the possibility of a stack overrun. The OSPF API in general is quite ugly and needs a rewrite. Reported-by: Ricky Charlet <ricky.charlet@hp.com> Cc: Florian Weimer <fweimer@redhat.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-07-15doc: Modernize INSTALL.quagga.txt.Greg Troxel
Note that list of prereq versions is out of date. Add DejaGnu for testing. Change references to CVS to git. Signed-off-by: Greg Troxel <gdt@ir.bbn.com>
2013-07-15tests: don't build tests unless make check is runChristian Franke
Use check_PROGRAMS instead of noinst_PROGRAMS in tests/Makefile.am to build the tests only when make check is actually run. Signed-off-by: Christian Franke <chris@opensourcerouting.org>
2013-07-09tests: fix Makefile.am so it works with BSD makeChristian Franke
The export statement is specific to GNU make and breaks the build with BSD make. I couldn't observe any difference in behaviour between having the export present and absent, therefore, just remove it. Signed-off-by: Christian Franke <chris@opensourcerouting.org>
2013-04-20ospfd: fix flooding procedureChristian Franke
An ospf router should accept a new maxage LSA into its lsdb if it has any neighbors in state Exchange or Loading. ospfd would however only account for neighbors on the same interface which does not seem to be a valid optimization. Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: Joachim Nilsson <troglobit@gmail.com> Signed-off-by: David Lamparter <equinox@diac24.net>
2013-04-20ospfd: make ospf_maxage_lsa_remover actually yieldChristian Franke
ospf_maxage_lsa_remover whould check whether to yield, but run on anyway. Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: Joachim Nilsson <troglobit@gmail.com> Signed-off-by: David Lamparter <equinox@diac24.net>
2013-04-16doc: update TODO for ospf6d work & bgp multipathDinesh G Dutt
This is work in progress at Cumulus Networks.
2013-04-14tests: DejaGNU libzebraDavid Lamparter
Wrap the few libzebra test programs we have up for DejaGNU. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-14tests: DejaGNU bgpdDavid Lamparter
this just wraps the existing test programs in expect wrappers that make their results usable to DejaGNU. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-14tests: add DejaGNU frameworkDavid Lamparter
DejaGNU seems to be the 'standard' GNU test framework (which by itself doesn't say much), but it seems relatively usable and the "remote system" capabilities might come in handy for virtualisation-based tests for kernel interactions or something. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-09ospfd: restore nexthop IP for p2p interfacesChristian Franke
commit c81ee5c... "ospfd: Optimize and improve SPF nexthop calculation" subtly changed semantics of routes calculated over pointopoint links by removing the nexthop IP address and instead using an ifindex route. This breaks calculation of AS-Ext routes with a forwarding address since in ospf_ase_complete_direct_routes() this will be hit: if (op->nexthop.s_addr == 0) op->nexthop.s_addr = nexthop.s_addr; thus turning the route unusable by having an invalid nexthop. Fix by restoring the nexthop IP on routes over PtP links. This also allows running multi-access (Ethernet) interfaces in PtP mode again. This bug is a regression against 0.99.21 and only present in 0.99.22. Signed-off-by: Christian Franke <chris@opensourcerouting.org> [patch description and code comments rewritten] Acked-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se> Acked-by: James Li <jli@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-09lib/vty: register vtysh socket in server socket vector (BZ#754)Christian Franke
Register the vtysh socket in Vvty_serv_thread so it will be correctly closed on vty_reset instead of being leaked. Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-09ripd: correctly redistribute ifindex routes (BZ#664)David Lamparter
ripd had a check to restrict metric 0 to only directly connected routes. This check was implemented by checking against Connected as route type. This is, however, incorrect -- all routes that directly use an interface without a nexthop should be treated as directly connected and passed off with metric 0. ripngd does not posess such a check and was not touched. Reported-by: Sean Fulton <sean@gcnpublishing.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-09build: reference libcap from libzebra (BZ#393,626)David Lamparter
While the actual build failures have been fixed independently by d1d3ac9 "build: reorder libraries to address linker error", libzebra still does not reference libcap. This will lead to more build failures if someone else tries to use libzebra and doesn't add libcap. Let's just add libcap here and be done with it. I've not added libcap to the _DEPENDENCIES variable above since libcap is a system library. Actually, the whole _DEPENDENCIES thing is rather fishy; automake automatically sets _DEPENDENCIES from _LIBADD. For the sake of not breaking stuff that works (especially since most autotools stuff is arcane magic), I'm leaving it alone... Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-09ospfd: fix LSA initialization for build without opaque LSAChristian Franke
If configured without opaque LSA support, the old code would incorrectly associate type 5 LSAs with an area. Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-09tests: make --disable-bgpd kill bgpd tests tooDavid Lamparter
bgpd tests don't compile or run with --disable-bgpd, let's catch this in the Makefile. Reported-by: Joachim Nilsson <troglobit@gmail.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-09build: fix minimal mixup in gitinfo suffixDavid Lamparter
the original version of this had issues with tagless repositories; to fix that I removed the "-g" part from one of the regexes. I then failed to add those 2 characters back, leading to version numbers like "0.99.220123456" instead of "0.99.22-ga123456". Let's put the "-g" back... Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-09doc: fix makeinfo errors and one warningTimo Teräs
commit 4afa50b added few lines that are syntactically incorrect with leading plus sign. Cc: Denis Ovsienko <infrastation@yandex.ru> Signed-off-by: Timo Teräs <timo.teras@iki.fi> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-03-29doc: add OSPFv3 homenet to TODODavid Lamparter
The homenet OSPFv3 extensions are not only relevant TODO items, but also suitable for GSoC students. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-03-29doc: update TODODavid Lamparter
the TODO was last touched in 2006. This is a first pass at cleaning it up, motivated primarily by the need for an up-to-date idea list for the Google Summer of Code 2013. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-03-03build: Update supported versions.Greg Troxel
INSTALL.quagga.tex: Given the statement that it's viewed as a bug if quagga doesn't build on OS versions on the list, prune the list to the set for which there would be near-universal agreement that it's a bug. Clarify that the response to a system on the list not building might be dropping it from the list. (Time marches on, and these lists are not necessarily maintained. As an example, the comment saying FreeBSD4 support was iffy is now 6 years old.) Delete old discussion of ancient texinfo. Delete discussion of NetBSD versions before 4 (as no longer relevant).
2013-02-24hash: dynamically grow hash tableStephen Hemminger
Dynamically grow the hash table index if the chains get too long. If expansion doesn't help keep chain length short, then stop expanding, to avoid bad behavior if there is a poor hash function. Not a new idea, based on concepts in uthash. Depends on my previous patch to restrict hash to power of 2. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> [profiling results: sum of cycles spent in hash_get/jhash with RIPE RIS test data (single simple BGP peer) improved to 69% of previously spent] Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-24hash: force size to be a power of 2Stephen Hemminger
By forcing the hash table size to be a power of 2, a potentially expensive divide can be replaced by a mask operation. Almost all usage of the hash table was using default size of 1024. Only places with different size was thread library (1011) and bgp aspath. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-23guile: removeDavid Lamparter
2013-02-23build: update quagga.spec.inMatti-Oskari Leppänen
both Quagga and RPM have moved a bit since this was last touched. Should now work again on CentOS 5 and 6. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-23vtysh: fix false lib path matching in extract.pl.inJoakim Tjernlund
The if ($file =~ /lib/) path matching logic is supposed to match Quagga's lib directory only but will match all path having lib in it such as /var/lib/jenkins/quagga/... Fix by matching both lib and file: lib/keychain.c etc. Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-23bgpd: fix lost passwords of grouped neighborsRoman Hoog Antink
This patch resolves the significance of order of group and password statements. It prevents passwords from being lost in cases where all three conditions apply: 1. the peer is member of a group with or without group password 2. the peer has an individual password set 3. the peer is added to a group within an address-family ipv6 section In addition this patch prevents the same issue in cases, where an IPv4 peer's password is set first and the peer is added to a group afterwards. Adding a peer to a group cancels his individual password. Without ipv6 this is not a problem, because choosing the right order of config statements will do (set password only after adding peer to group). When adding the peer to a group within the address-family section, his password is definitely lost. The same workaround (ie. setting the password after the address-family section) can not be used, because "show run" will print the configuration statements in the wrong order. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-23zebra: use SO_RCVBUFFORCE for netlink socketUlrich Weber
so net.core.rmem_max must not be adjusted. Requires linux kernel >= 2.6.14, falls back to SO_RCVBUF on error Signed-off-by: Ulrich Weber <ulrich.weber@sophos.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-10release: 0.99.22David Lamparter
2013-02-09build: fix "pragma weak" mixupsDavid Lamparter
Not only was there a minor typo in the "pragma weak" preprocessor checks, but also were the tests not behaving as needed - they only indicated support for the /first/ method of implementing weak aliases, which on Linux is __attribute__ and not #pragma. * m4/ax_sys_weak_alias.m4: set defines for _all_ weak alias methods * zebra/kernel_null.c: fix typo Cc: Doug VanLeuven <roamdad@sonic.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-01doc: update some introduction paragraphsDavid Lamparter
in particular, - add IS-IS to some listings - list Solaris & OSX as "some work required" - remove OS version numbers. We have no base to specify any of them. - list supported C compilers (gcc, clang, icc) - cut the Quagga 2.0 stuff that promises QoS and firewall functionality
2013-02-01doc: update NEWS for 0.99.22 changesDavid Lamparter
2013-02-01bgpd: fix crash in soft-reconfigurationChristian Franke
Commit 8692c50652 introduced a bug where bgpd would crash on soft-reconfiguration. This happens e.g. when there are filtered unicast routes because rn->info is NULL in that case, which the code did not account for. Reported-by: Paweł Staszewski <pstaszewski@itcare.pl> Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-01tests: fix missing init in bgp_mp_attr_test.cDavid Lamparter
turns out, bgp_mp_reach_parse really doesn't like getting garbage attribute input. In particular, attr->extra better be NULL or we merrily go trample random places (like our stack). Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-01tests: update & extend AS_PATH testsDavid Lamparter
NB: these tests test for current implementation state, not for RFC conformance. In particular, behaviour with confederations in AS4_PATH as well as reconcilation of short AS_PATH + AS4_PATH is currently NOT conforming to RFC 4893/6793. * tests/aspath_test.c: add capability to put both AS4_PATH & AS_PATH, add test for AS4_PATH w/o AS_PATH, update confederation test Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-01bgpd: relax ORF capability length handlingDavid Lamparter
commit fe9bb64... "bgpd: CVE-2012-1820, DoS in bgp_capability_orf()" made the length test in bgp_capability_orf_entry() stricter and is now causing us to refuse (with CEASE) ORF capabilites carrying any excess data. This does not conform to the robustness principle as laid out by RFC1122 ("be liberal in what you accept"). Even worse, RFC5291 is quite unclear on how to use the ORF capability with multiple AFI/SAFIs. It can be interpreted as either "use one instance, stuff everything in" but also as "use multiple instances". So, if not for applying robustness, we end up clearing sessions from implementations going by the former interpretation. (or if anyone dares add a byte of padding...) Cc: Denis Ovsienko <infrastation@yandex.ru> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-02-01bgpd: don't try to reconcile AS4_PATH with NULLDavid Lamparter
bgp_attr_munge_as4_attrs would previously try to reintegrate an AS4_PATH with a NULL AS_PATH, leading to a rather nasty SEGV. Let's go by RFC6793 and treat missing AS_PATH as 0-length AS_PATH, which in turn means discarding the AS4_PATH. [NB: we don't actually stick to the actual rule, which is discarding AS4_PATH if it's longer than AS_PATH; indeed we should probably fix that too] Signed-off-by: David Lamparter <equinox@opensourcerouting.org>